Common use cases

Wipe all data left on the device

There may be (unencrypted) data left on the device and you want to protect against simple Forensic Investigation that is mere child's play with for example File Recovery Software.

If you want to quickly wipe everything from the disk /dev/zero or simple patterns allow maximum performance while adequate randomness can be advantageous in some cases that should be covered up in #Data remanence.

Every overwritten bit means to provide a level of data erasure not allowing recovery with normal system functions (like standard ATA/SCSI commands) and hardware interfaces. Any File Recovery Software mentioned above then would need to be specialized on proprietary storage-hardware features.

In case of a HDD data recreation will not be possible without at least undocumented drive commands or fiddling about the device’s controller or firmware to make them read out for example reallocated sectors (bad blocks that S.M.A.R.T. retired from use).

There are different wiping issues with different physical storage technologys, most notably all Flash memory based devices and older magnetic storage (old HDD's, Floppys, Tape).

Warning: If Block device encryption is mapped on a partition that contains anything else than random/encrypted data, disclosure of usage patterns on the encrypted drive is possible and weakens the encryption being comparable with filesystem-level-encryption. Do never use /dev/zero, simple patterns (badblocks, eg.) or other unrandom data before setting up Block device encryption if you are serious about it!

Select a data source for overwriting

As just said If you want to wipe sensitive data you can use anything matching your needs.

If you want to setup block device encryption afterwards you should always wipe at least with Pseudorandom data.

For Data that is not truely random your disk's writing speed should be the only limiting factor. If you need random data performance may extremely depend on what you choose as source of entropy.

Unrandom data

Overwriting with /dev/zero or simple patterns is considered secure in most resources. In the case of current HDD's it should be sufficient for fast disk wipes.

Warning: A drive that is abnormally fast in writing patterns or zeroing could be doing transparent compression. It is obviously presumable not all blocks get wiped this way. Some #Flash memory devices do "feature" that.

Pattern write test

Note: The badblocks command overwrites the drive at a much faster rate by generating data that is not truly random.

Random data

Note: Data that is hard to compress (random data) will get written slower if the drive logic mentioned in the #Unrandom data warning tries in compressing it. This should not lead to #Data remanence though. As maximum write-speed is not the performance-bottleneck it can get completely neglected while wiping disks with random data.

Kernel built-in RNG

Entropy

Template:Moveto
The Kernel built-in RNG /dev/random provides you the same quality random data you would use for keygeneration, but can be nearly impractical to use at least for wiping current HDD capacitys.
What makes disk wiping take so long with is to wait for it to gather enough true entropy.
In an entropy starved situation (e.g. remote server) this might never end while doing search operations on large directories or moving the mouse in X can slowly refill the entropy pool.

You can always compare /proc/sys/kernel/random/entropy_avail against /proc/sys/kernel/random/poolsize to keep an eye on your entropy pool.

The Kernels poolsize is 4096 bit.
It is hardcoded in kernel line 275 of /drivers/char/random.c

Select a program

/dev/<drive> is the drive to be encrypted.

Coreutils

This article or section is a candidate for merging with Core_Utilities.

Notes: Basic file operations are not specific to disk wiping! Unrelated stuff in this section should get merged and then deleted and replaced with a link to Core Utilities. Did you ever want to write an article about dd and Co? Then just go ahead. (Discuss in Talk:Securely wipe disk#)

Dd

Note: cp does the same as dd without any operands but is not designed for more versatile disk wiping procedures.

Checking progress of dd while running

By default, there is no output of dd until the task has finished. With kill and the "USR1"-Signal you can force status output without actually killing the program. Open up a 2nd root terminal and issue the following command:

# killall -USR1 dd

Note: This will affect all other running dd-processes as well.

Or:

# kill -USR1 <PID_OF_dd_COMMAND>

For example:

# kill -USR1 $(pidof dd)

This causes the terminal in which dd is running to output the progress at the time the command was run. For example:

Dd spin-offs

dcfldd is an enhanced version of dd with features useful for forensics and security. It accepts most of dd's parameters and includes status output. The last stable version of dcfldd was released on December 19, 2006.[1]

ddrescue

GNU ddrescue is a data recovery tool. It's capable of ignoring read errors what is a useless feature for disk wiping in almost any case.
GNU ddrescue Manual

shred

From Wikipedia: Shred is a Unix command that can be used to securely delete files and devices so that they can be recovered only with great difficulty with specialised hardware, if at all.

Shred uses three passes, writing pseudo-random data to the harddrive each pass. This can be reduced or increased.

# shred -v /dev/<drive>

This invokes shred with default settings, displaying the progress to stdout.

# shred --verbose --random-source=/dev/urandom -n1 /dev/<drive>

Invokes shred telling it to only do one pass, with entropy from /dev/urandom.

Warning: A "random pattern" is a contradiction in itself. As badblocks does not reuse entropy like urandom but simply repeats one "random pattern" it should not be used where random data would be needed, e.g. for block device encryption.

# badblocks -wsvt random /dev/<drive>

Badblocks can run a settable number of consecutive passes with the -p option. Default is one pass.

# badblocks -wsvp <number> /dev/<drive>

This makes it more likely to find all weak blocks. As a side effect this could help in limiting #Data_remanence to very rare cases for most storage devices.

Note:S.M.A.R.T. (Self-Monitoring, Analysis, and Reporting Technology) is featured in almost every HDD still in use nowadays.

Select a target

Note: Fdisk will not work on GPT formatted devices. Use gdisk instead.

Use fdisk to locate all read/write devices the user has read acess to.

Block size

Template:Wikipedia
If you have a Advanced Format hard drive it is recommended that you specify a block size larger than the default 512 bytes. To speed up the overwriting process choose a block size matching your drive's physical geometry by appending the block size option to the dd command (i.e. bs=4096 for 4KB).

Overwrite the disk

Warning: There is no confirmation regarding the sanity of this command so repeatedly check that the correct drive or partition has been targeted. Make certain that the of=... option points to the target drive and not to a system disk.

Zero-fill the disk by writing a zero byte to every addressable location on the disk using the /dev/zero stream.

The residual representation of data may remain even after attempts have been made to remove or erase the data.

Residual data may get wiped by writing (random) data to the disk with a single or even more than one iteration. However, more than one iteration may not significantly decrease the possibility to reconstruct the data of hard disk drives. For more information see Secure deletion: a single overwrite will do it - The H Security.

Random data

If the data can get exactly located on the disk and was never copied anywhere else, wiping with random data can be thoroughgoing and impressively quick as long there is enough entropy in the pool.

Hardware specific issues

Flash memory

Wikipedia:Write amplification and other characteristics make Flash memory a stubborn target for reliable wiping.
As there is a lot of transparent abstraction in between data as seen by a device's controller chip and the operating system sight data is never overwritten in place and wiping particular blocks or files is not reliable.

Other "features" like transparent compression (all SandForce SSD's) can compress your /dev/zero or pattern stream so if wiping is fast beyond belief this might be the case.

Disassembling Flash memory devices, unsoldering the chips and analyzing data content without the controller in between is feasible without difficulty using simple hardware. Data recovery companys do it for cheap money.

Residual magnetism

Wiped hard disk drives and other magnetic storage can get disassembled in a cleanroom and then analyzed with equipment like a magnetic force microscope. This may allow the overwritten data to be reconstructed by analyzing the measured residual magnetics.

This method of data recovery for current HDD's is largely theoretical and would require substantial financial resources. Nevertheless degaussing is still a practiced countermeasure.

Old magnetic storage

Securely wiping old magnetic storage (e.g. floppy disks, magnetic tape) is much harder due to much lower memory storage density. Many iterations with random data might be needed to wipe any sensitive data. To ensure that data has been completely erased most resources advise physical destruction.

Operating system, programs and filesystem

Note: This is not specific to any hardware obviously.

The operating system, executed programs or journaling file systems may copy your unencrypted data throughout the block device. When writing to plain disks this should only be relevant in conjunction with one of the above.